Lead Cyber Intel Analyst

McKesson is an impact-driven, Fortune 10 company that touches virtually every aspect of healthcare. We are known for delivering insights, products, and services that make quality care more accessible and affordable. Here, we focus on the health, happiness, and well-being of you and those we serve – we care.

What you do at McKesson matters. We foster a culture where you can grow, make an impact, and are empowered to bring new ideas. Together, we thrive as we shape the future of health for patients, our communities, and our people. If you want to be part of tomorrow’s health today, we want to hear from you.

Position Description/Responsibilities

• Develop intelligence requirements and methods for intel monitoring
• Collect and analyze reports on emerging threats, vulnerabilities, and TTPs
• Design automated workflows and playbooks for collection
• Develop technical collection in a range of open source and commercial tools
• Manage and update intel collection in an Intel Platform
• Produce clear and concise alerts, assessments, and RFIs
• Develop investigative leads to support hunt and detection engineering
• Participate in ISAC and security community sharing

Critical Requirements

• Track and detect threats with Indicators of Compromise (IOC)
• Demonstrated ability to prioritize and convert intel into detection
• Ability to leverage security operations events or incidents to drive intel
• Expertise in OSINT (e.g. Virus Total, Censys, Domain tools, Greynoise, etc.)
• Ability to identify and track adversary trends and behaviors
• Present threat landscape findings to technical and non-technical audiences
• Ability to manage and drive quarterly goals and operational shifts in priority
• Clear communicator, collaborator, and team player across the organization
• Ability to commit to Our Values

Following Qualifications would be advantageous:

• 7+ years of professional experience in CTI, incident response, threat hunting, security engineering, or detection roles
• Bachelor’s degree in computer science, information security, internation relations, or risk management
• Certifications in or courses like the below are competitive:
• FOR578: Cyber Threat Intelligence Training
• FOR610: Reverse Engineering or Malware Analysis
• SEC503: Network Monitoring and Threat Detection In-Depth
• SEC560: Enterprise Penetration Testing Course
• SEC573: Automating Information Security with Python
• OffSec Certified Professional (OSCP) certification

We are proud to offer a competitive compensation package at McKesson as part of our Total Rewards. This is determined by several factors, including performance, experience and skills, equity, regular job market evaluations, and geographical markets. The pay range shown below is aligned with McKesson's pay philosophy, and pay will always be compliant with any applicable regulations. In addition to base pay, other compensation, such as an annual bonus or long-term incentive opportunities may be offered. For more information regarding benefits at McKesson, please click here.

Our Base Pay Range for this position

McKesson is an Equal Opportunity Employer

McKesson provides equal employment opportunities to applicants and employees and is committed to a diverse and inclusive environment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, protected veteran status, disability, age or genetic information. For additional information on McKesson’s full Equal Employment Opportunity policies, visit our Equal Employment Opportunity page.

Join us at McKesson!